<?php

require_once('../../execute/auth.php');
//Start session
	@session_start();
	
	//Include database connection details
	require_once('inc/config.inc');
	
	
	
	//Connect to mysql server
	$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
	if(!$link) {
		die('Failed to connect to server: ' . mysql_error());
	}
	
	//Select database
	$db = mysql_select_db(DB_DATABASE);
	if(!$db) {
		die("Unable to select database");
	}
	
	$news_title= $_POST['news_title'];
	$cat_id= $_POST['news_cat'];
	$pub_id= $_POST['user_id'];
	$news_body= $_POST['news_body'];
	
mysql_query ('SET NAMES utf8');
mysql_query('SET CHARACTER_SET utf8');


$path = "../../uploads/";

	$valid_formats = array("jpg", "png", "gif", "bmp");
	//if(isset($_POST) and $_SERVER['REQUEST_METHOD'] == "POST")
		//{
			$name = $_FILES['photoimg']['name'];
			$size = $_FILES['photoimg']['size'];
			$r=10;
			if(strlen($name))
				{
					$r =1;
					list($txt, $ext) = explode(".", $name);
					if(in_array($ext,$valid_formats))
					{
						$r =2;
					if($size<(1024*1024))
						{
							$r =3;
							
							$actual_image_name = time().substr(str_replace(" ", "_", $txt), 5).".".$ext;
							$tmp = $_FILES['photoimg']['tmp_name'];
								
									$r =4;
								//mysql_query("INSERT INTO users image value('$actual_image_name') ");
								$insert=mysql_query("INSERT INTO news (title,content,image,category_id,publisher_id,publish_date,news_stat) values('$news_title', '$news_body', '$actual_image_name', '$cat_id', '$pub_id', NOW() ,1)") or die("error:".mysql_error());	
									//echo "<img src='uploads/".$actual_image_name."'  class='preview'>";
								
							if($insert){
								move_uploaded_file($tmp, $path.$actual_image_name);	
							}
							
							
							
							else
							{echo "failed";$r=77;}
						}
						else
						{echo "Image file size max 1 MB";$r=88;}					
						}
						else
						{echo "Invalid file format..";$r=99;}	
				}
				
		//	else
			//	echo "Please select image..!";
				
			//exit;
		//}





//$insert=mysql_query("INSERT INTO news (title,content,news_cat,publisher_id,publish_date,news_stat) values('$news_title', '$news_body', 'cat_id', '$user_id', '$pub_date',1)")or die("error:".mysql_error());
//Status=0 means : initiated, 1 means: Approved by MoE, 2 means: Budged Allocated, 3 mean: Allotment Received, 4 means: Done
if($insert){
header("location:../news.php?r=s");
	}
	else {
header("location:../news.php?r=f");
		
		}
		?>